Commit d5ea9346 authored by Robert Speicher's avatar Robert Speicher

Add custom UrlValidator

parent 2928e19d
...@@ -43,12 +43,12 @@ class ApplicationSetting < ActiveRecord::Base ...@@ -43,12 +43,12 @@ class ApplicationSetting < ActiveRecord::Base
validates :home_page_url, validates :home_page_url,
allow_blank: true, allow_blank: true,
format: { with: /\A#{URI.regexp(%w(http https))}\z/, message: "should be a valid url" }, url: true,
if: :home_page_url_column_exist if: :home_page_url_column_exist
validates :after_sign_out_path, validates :after_sign_out_path,
allow_blank: true, allow_blank: true,
format: { with: /\A#{URI.regexp(%w(http https))}\z/, message: "should be a valid url" } url: true
validates :admin_notification_email, validates :admin_notification_email,
allow_blank: true, allow_blank: true,
......
...@@ -20,8 +20,7 @@ module Ci ...@@ -20,8 +20,7 @@ module Ci
# HTTParty timeout # HTTParty timeout
default_timeout 10 default_timeout 10
validates :url, presence: true, validates :url, presence: true, url: true
format: { with: URI::regexp(%w(http https)), message: "should be a valid url" }
def execute(data) def execute(data)
parsed_url = URI.parse(url) parsed_url = URI.parse(url)
......
...@@ -31,8 +31,7 @@ class WebHook < ActiveRecord::Base ...@@ -31,8 +31,7 @@ class WebHook < ActiveRecord::Base
# HTTParty timeout # HTTParty timeout
default_timeout Gitlab.config.gitlab.webhook_timeout default_timeout Gitlab.config.gitlab.webhook_timeout
validates :url, presence: true, validates :url, presence: true, url: true
format: { with: /\A#{URI.regexp(%w(http https))}\z/, message: "should be a valid url" }
def execute(data, hook_name) def execute(data, hook_name)
parsed_url = URI.parse(url) parsed_url = URI.parse(url)
......
...@@ -152,7 +152,7 @@ class Project < ActiveRecord::Base ...@@ -152,7 +152,7 @@ class Project < ActiveRecord::Base
validates_uniqueness_of :name, scope: :namespace_id validates_uniqueness_of :name, scope: :namespace_id
validates_uniqueness_of :path, scope: :namespace_id validates_uniqueness_of :path, scope: :namespace_id
validates :import_url, validates :import_url,
format: { with: /\A#{URI.regexp(%w(ssh git http https))}\z/, message: 'should be a valid url' }, url: { protocols: %w(ssh git http https) },
if: :external_import? if: :external_import?
validates :star_count, numericality: { greater_than_or_equal_to: 0 } validates :star_count, numericality: { greater_than_or_equal_to: 0 }
validate :check_limit, on: :create validate :check_limit, on: :create
......
...@@ -23,10 +23,7 @@ class BambooService < CiService ...@@ -23,10 +23,7 @@ class BambooService < CiService
prop_accessor :bamboo_url, :build_key, :username, :password prop_accessor :bamboo_url, :build_key, :username, :password
validates :bamboo_url, validates :bamboo_url, presence: true, url: true, if: :activated?
presence: true,
format: { with: /\A#{URI.regexp}\z/ },
if: :activated?
validates :build_key, presence: true, if: :activated? validates :build_key, presence: true, if: :activated?
validates :username, validates :username,
presence: true, presence: true,
...@@ -84,7 +81,7 @@ class BambooService < CiService ...@@ -84,7 +81,7 @@ class BambooService < CiService
def supported_events def supported_events
%w(push) %w(push)
end end
def build_info(sha) def build_info(sha)
url = URI.parse("#{bamboo_url}/rest/api/latest/result?label=#{sha}") url = URI.parse("#{bamboo_url}/rest/api/latest/result?label=#{sha}")
......
...@@ -19,14 +19,11 @@ ...@@ -19,14 +19,11 @@
# #
class DroneCiService < CiService class DroneCiService < CiService
prop_accessor :drone_url, :token, :enable_ssl_verification prop_accessor :drone_url, :token, :enable_ssl_verification
validates :drone_url,
presence: true, validates :drone_url, presence: true, url: true, if: :activated?
format: { with: /\A#{URI.regexp(%w(http https))}\z/, message: "should be a valid url" }, if: :activated? validates :token, presence: true, if: :activated?
validates :token,
presence: true,
if: :activated?
after_save :compose_service_hook, if: :activated? after_save :compose_service_hook, if: :activated?
...@@ -58,16 +55,16 @@ class DroneCiService < CiService ...@@ -58,16 +55,16 @@ class DroneCiService < CiService
end end
def merge_request_status_path(iid, sha = nil, ref = nil) def merge_request_status_path(iid, sha = nil, ref = nil)
url = [drone_url, url = [drone_url,
"gitlab/#{project.namespace.path}/#{project.path}/pulls/#{iid}", "gitlab/#{project.namespace.path}/#{project.path}/pulls/#{iid}",
"?access_token=#{token}"] "?access_token=#{token}"]
URI.join(*url).to_s URI.join(*url).to_s
end end
def commit_status_path(sha, ref) def commit_status_path(sha, ref)
url = [drone_url, url = [drone_url,
"gitlab/#{project.namespace.path}/#{project.path}/commits/#{sha}", "gitlab/#{project.namespace.path}/#{project.path}/commits/#{sha}",
"?branch=#{URI::encode(ref.to_s)}&access_token=#{token}"] "?branch=#{URI::encode(ref.to_s)}&access_token=#{token}"]
URI.join(*url).to_s URI.join(*url).to_s
...@@ -114,15 +111,15 @@ class DroneCiService < CiService ...@@ -114,15 +111,15 @@ class DroneCiService < CiService
end end
def merge_request_page(iid, sha, ref) def merge_request_page(iid, sha, ref)
url = [drone_url, url = [drone_url,
"gitlab/#{project.namespace.path}/#{project.path}/redirect/pulls/#{iid}"] "gitlab/#{project.namespace.path}/#{project.path}/redirect/pulls/#{iid}"]
URI.join(*url).to_s URI.join(*url).to_s
end end
def commit_page(sha, ref) def commit_page(sha, ref)
url = [drone_url, url = [drone_url,
"gitlab/#{project.namespace.path}/#{project.path}/redirect/commits/#{sha}", "gitlab/#{project.namespace.path}/#{project.path}/redirect/commits/#{sha}",
"?branch=#{URI::encode(ref.to_s)}"] "?branch=#{URI::encode(ref.to_s)}"]
URI.join(*url).to_s URI.join(*url).to_s
...@@ -163,10 +160,10 @@ class DroneCiService < CiService ...@@ -163,10 +160,10 @@ class DroneCiService < CiService
end end
def push_valid?(data) def push_valid?(data)
opened_merge_requests = project.merge_requests.opened.where(source_project_id: project.id, opened_merge_requests = project.merge_requests.opened.where(source_project_id: project.id,
source_branch: Gitlab::Git.ref_name(data[:ref])) source_branch: Gitlab::Git.ref_name(data[:ref]))
opened_merge_requests.empty? && data[:total_commits_count] > 0 && opened_merge_requests.empty? && data[:total_commits_count] > 0 &&
!Gitlab::Git.blank_ref?(data[:after]) !Gitlab::Git.blank_ref?(data[:after])
end end
......
...@@ -22,10 +22,8 @@ class ExternalWikiService < Service ...@@ -22,10 +22,8 @@ class ExternalWikiService < Service
include HTTParty include HTTParty
prop_accessor :external_wiki_url prop_accessor :external_wiki_url
validates :external_wiki_url,
presence: true, validates :external_wiki_url, presence: true, url: true, if: :activated?
format: { with: /\A#{URI.regexp}\z/ },
if: :activated?
def title def title
'External Wiki' 'External Wiki'
......
...@@ -23,16 +23,16 @@ class TeamcityService < CiService ...@@ -23,16 +23,16 @@ class TeamcityService < CiService
prop_accessor :teamcity_url, :build_type, :username, :password prop_accessor :teamcity_url, :build_type, :username, :password
validates :teamcity_url, validates :teamcity_url, presence: true, url: true, if: :activated?
presence: true,
format: { with: /\A#{URI.regexp}\z/ }, if: :activated?
validates :build_type, presence: true, if: :activated? validates :build_type, presence: true, if: :activated?
validates :username, validates :username,
presence: true, presence: true,
if: ->(service) { service.password? }, if: :activated? if: ->(service) { service.password? },
if: :activated?
validates :password, validates :password,
presence: true, presence: true,
if: ->(service) { service.username? }, if: :activated? if: ->(service) { service.username? },
if: :activated?
attr_accessor :response attr_accessor :response
......
# UrlValidator
#
# Custom validator for URLs.
#
# By default, only URLs for the HTTP(S) protocols will be considered valid.
# Provide a `:protocols` option to configure accepted protocols.
#
# Example:
#
# class User < ActiveRecord::Base
# validates :personal_url, url: true
#
# validates :ftp_url, url: { protocols: %w(ftp) }
#
# validates :git_url, url: { protocols: %w(http https ssh git) }
# end
#
class UrlValidator < ActiveModel::EachValidator
def validate_each(record, attribute, value)
unless valid_url?(value)
record.errors.add(attribute, "must be a valid URL")
end
end
private
def default_options
@default_options ||= { protocols: %w(http https) }
end
def valid_url?(value)
options = default_options.merge(self.options)
value =~ /\A#{URI.regexp(options[:protocols])}\z/
end
end
...@@ -36,6 +36,22 @@ describe ApplicationSetting, models: true do ...@@ -36,6 +36,22 @@ describe ApplicationSetting, models: true do
it { expect(setting).to be_valid } it { expect(setting).to be_valid }
describe 'validations' do
let(:http) { 'http://example.com' }
let(:https) { 'https://example.com' }
let(:ftp) { 'ftp://example.com' }
it { is_expected.to allow_value(nil).for(:home_page_url) }
it { is_expected.to allow_value(http).for(:home_page_url) }
it { is_expected.to allow_value(https).for(:home_page_url) }
it { is_expected.not_to allow_value(ftp).for(:home_page_url) }
it { is_expected.to allow_value(nil).for(:after_sign_out_path) }
it { is_expected.to allow_value(http).for(:after_sign_out_path) }
it { is_expected.to allow_value(https).for(:after_sign_out_path) }
it { is_expected.not_to allow_value(ftp).for(:after_sign_out_path) }
end
context 'restricted signup domains' do context 'restricted signup domains' do
it 'set single domain' do it 'set single domain' do
setting.restricted_signup_domains_raw = 'example.com' setting.restricted_signup_domains_raw = 'example.com'
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment